Closed Nishantbhagat57 closed 9 months ago
@Nishantbhagat57 Thanks. This was due to the latest changes in axiom-scan. I fixed the two ffuf modules. Going to close this issue but lmk if you continue to see any issues.
@0xtavian Hey, I don't think this will work, I am not on my PC rn but from what I can see the fix you have implemented is not enough.
For example, you have changed the
-u '_target_/FUZZ'
to -u _target_/FUZZ
Suppose if the _target_
is google.com then it will be seen as -u 'google.com'/FUZZ
which ofcourse will not work with FFUF as the correct syntax should be -u 'google.com/FUZZ'
(note the difference)
It's not just about the FFUF module. It should be upon user if he wants to add ''
he can add it manually in his custom axiom modules.
@0xtavian The ffuf.json and ffuf_base.json were already correct...The issue is that axiom-scan now adds ''
with _target_
by default. I think there may be some other modules too that will break due to this ''
@0xtavian So I was using my custom axiom module that uses ffuf but faced some error. Debugging it I got to know that axiom-scan adds '' automatically when using
_target_
in axiom modulesI haven't faced this issue before, I can see you have implemented some changes in axiom-scan recently so maybe it's due to that. To confirm this issue I used the default ffuf.json module: https://github.com/pry0cc/axiom/blob/5c7f699a180984aaed21161ee6dc42fb4d5699cf/modules/ffuf.json
My command:
axiom-scan /home/nishant57/BB/inputf.txt -m ffuf -o /home/nishant57/BB/ffuf.txt
Output:[14:18:23] [THREAD] [/home/op/go/bin/ffuf -w /home/op/lists/seclists/Discovery/Web-Content/big.txt -u ''http://xyz.com'/FUZZ' -of csv -o output/xyz.com -ac] Added to Queue
You can see here:
''http://xyz.com'/FUZZ'
This will never work, It should be:'http://xyz.com/FUZZ'
P.S. I attempted to reach out to you through the axiom 0x00sec discord channel, but it seems you haven't been active on Discord recently. Therefore, I'm raising this issue here.